Beware Internet Explorer Zero-Day Hack: Microsoft

Dennis Faas's picture

Microsoft is warning its customers that a newly discovered flaw in its Internet Explorer (IE) web browser could allow hackers to execute malicious code and take control of an unsuspecting user's computer.

That would give a cyber-criminal the ability to use the computer and all its resources for unknown, possibly illegal, purposes.

Microsoft has indicated that users of every recent version of the Windows operating system (OS), including Windows XP, Windows Vista, and Windows 7, are vulnerable to such an attack.

Beware Email Links from Suspicious Sources

The Redmond, Washington-based software giant says that when cyber-crooks are able to convince an unsuspecting computer user to visit a specially-crafted website (usually by following a malicious link placed inside an innocent-looking email), they can gain the ability to exploit the Windows flaw and thereby execute the malicious code.

Once the code runs on a computer, the hacker gains the power to re-configure the OS settings, and thereby obtain remote access to the PC. In doing so, they could even block access to legitimate users. (Source: gcn.com)

The flaw was first discovered by McAfee researchers on June 1, 2012. Since then, that company's security experts have been working closely with Microsoft to develop a patch that will eliminate the flaw and correct the security weakness.

Meanwhile, other security experts, like Ars Technica's Dan Goodin, are warning Windows OS users to immediately download the most recent security update from Microsoft in order to avoid the possibility of having their computer systems infiltrated.

"If you run Windows and haven't installed Tuesday's batch of security fixes, you should stop whatever else you're doing and run them now," Goodin said. (Source: arstechnica.com)

No Exploits Reported -- Yet

Microsoft has acknowledged that the security flaw exists, but says that so far no one has reported their system being attacked through this particular vulnerability.

Windows users who have their computer configured to automatically update their OS should have already received the patch. Everyone else with computers running Windows can view available updates by selecting the Windows Start Menu; clicking "All Programs," and then navigating to "Windows Update".

Rate this article: 
No votes yet